Changes between Version 1 and Version 2 of Ticket #2101, comment 3


Ignore:
Timestamp:
02/04/21 18:12:32 (16 months ago)
Author:
uwe.h.schindler@…

Legend:

Unmodified
Added
Removed
Modified
  • Ticket #2101, comment 3

    v1 v2  
    11I figured out what the problem is. You can have all TLS settings on the main level `http {}`, but you need at least one valid certificate there, otherwise most settings are not applied correctly.
    22
    3 IMHO, there should be some better handling of settings:
     3IMHO, there should be some better handling of settings to prevent such surprises like reported here (at least a warning should be printed on startup):
    44- generally on the top-level (inside `http {}`) one should be able to set all general TLS settings globally (as those make no sense inside server blocks), but leaving out the certificates and certificate chains for stapling
    55- certificates should be given in the `server {}` directives